> On 20 Jan 2020, at 00:54, sebb <seb...@gmail.com> wrote: > > What is the use case for needing serialisation? > It's a lot of effort to maintain a serialisable class, and it opens > the class to deserialisation attacks.
I don’t have a use case. But the class used to support serialization back to the code tagged as CSV_1.0. Putting out new releases that do not support it is breaking binary compatibility. 1.7 was the first to break compatibility. The live site reports it as such [1]. I will state that I voted +1 on release 1.7. Somehow the issue was missed then and it has bugged me ever since. [1] https://commons.apache.org/proper/commons-csv/findbugs.html <https://commons.apache.org/proper/commons-csv/findbugs.html>
